Zeroize sensitive data in aescrypt2 and crypt_and_hash examples
This commit replaces multiple `memset()` calls in the example
programs aes/aescrypt2.c and aes/crypt_and_hash.c by calls to
the reliable zeroization function `mbedtls_zeroize()`.
While not a security issue because the code is in the example
programs, it's bad practice and should be fixed.
diff --git a/programs/aes/aescrypt2.c b/programs/aes/aescrypt2.c
index de9d422..939c927 100644
--- a/programs/aes/aescrypt2.c
+++ b/programs/aes/aescrypt2.c
@@ -69,6 +69,12 @@
return( 0 );
}
#else
+
+/* Implementation that should never be optimized out by the compiler */
+static void mbedtls_zeroize( void *v, size_t n ) {
+ volatile unsigned char *p = v; while( n-- ) *p++ = 0;
+}
+
int main( int argc, char *argv[] )
{
int ret = 1;
@@ -441,13 +447,13 @@
the case when the user has missed or reordered some,
in which case the key might not be in argv[4]. */
for( i = 0; i < argc; i++ )
- memset( argv[i], 0, strlen( argv[i] ) );
+ mbedtls_zeroize( argv[i], strlen( argv[i] ) );
- memset( IV, 0, sizeof( IV ) );
- memset( key, 0, sizeof( key ) );
- memset( tmp, 0, sizeof( tmp ) );
- memset( buffer, 0, sizeof( buffer ) );
- memset( digest, 0, sizeof( digest ) );
+ mbedtls_zeroize( IV, sizeof( IV ) );
+ mbedtls_zeroize( key, sizeof( key ) );
+ mbedtls_zeroize( tmp, sizeof( tmp ) );
+ mbedtls_zeroize( buffer, sizeof( buffer ) );
+ mbedtls_zeroize( digest, sizeof( digest ) );
mbedtls_aes_free( &aes_ctx );
mbedtls_md_free( &sha_ctx );